Consumer Threats News, Articles and Updates

Has Lenovo lost the security plot?

Less than a year after Superfish, Lenovo is making the security news once more for all the wrong reasons.

"Nine-Ball" mass injection attack compromised 40,000 sites

A new threat dubbed "Nine-Ball" has compromised up to 40,000 legitimate websites, which are, in turn, infecting users with an information-stealing Trojan, according to security vendor Websense.

Microsoft says password stealers pose biggest threat

The top two threat families on Microsoft's detection and removal list this month are online game password stealers (PWS).

Underage children 'are regular visitors to networking sites'

Social networking groups should do more to prevent underage users from accessing them, warns an IT security company.

Sloppy identity verification 'must make firms liable for fraud'

Organisations that hold personal data should be made liable for fraudulent transactions, say BT security experts.

Study: Security flaws threaten online banking

More than 75 percent of bank websites have at least one design flaw that could lead to the theft of customer information, according to a recent University of Michigan study.

New trojan in the wild targeting multimedia files

A new trojan in the wild is infecting multimedia files on a victim's hard disk.

Multiple vendors cooperate to issue DNS design flaw fix

A massive domain name server (DNS) design vulnerability that could permit cache poisoning - effectively allowing an attacker to direct users to the website of his choosing - is set to be fixed by an unprecedented synchronized series of multivendor patches.

Microsoft investigates ActiveX public exploits

Microsoft said on Monday that attackers are exploiting a zero-day ActiveX vulnerability in the Snapshot Viewer for Microsoft Access.

Mozilla set to develop risk model for software development

Mozilla is trying to refute the notion that the buggier the software, the less secure it is.

Steganography developers turn their attention to hiding information in VoIP

The abundance of voice over IP equipment has led researchers to develop a range of techniques which, instead of hiding information in standard data traffic, will allow individuals to instead hide information in VoIP streams

Indian Government withdraws threat over BlackBerry services

The threat which could have led to the country's BlackBerry services being suspended appears to have lifted after the Government backed down on its own demands for access to users' data

HMRC breach would have been avoided for just £15,000

The catastrophic loss of information of 25 million UK citizens last year would have been avoided if Her Majesty's Revenue and Customs had spent a maximum of £15,000 on the extraction of data, but it turned down this expenditure because information security was such a low priority, one of the breach investigators revealed today

Data watchdog admits to deluge of Central Government breach info

The Information Commmissioner's Office has revealed it has been voluntarily informed of a huge number of security breaches - mostly in Westminster - while it eyes up plans for a new law which could make the reporting of such incidents compulsory

PCI standard widened to include unattended point-of-sale terminals

Terminals such as those found in vending machines and on fuel pumps are to be included in additional guidelines to be written by the PCI Security Standards Council, producing extra demands on retailers

Apple updates OS X to address security and performance issues

OS X Leopard gets a new version as the Mac maker moves to improve reliability and squash a whole hatful of vulnerabilities

Europe just "weeks" away from data sharing deal with FBI

Brussels insiders have confirmed that the European Commission is nearing the conclusion of talks with the Americans over the provision of citizens' personal information to the FBI for terrorism fighting purposes

Deadline arrives for latest PCI standard requirement

Companies that aren't in compliance with PCI DSS Section 6.6 risk fines and other losses that could reach into the millions of dollars

Exclusive: Privacy campaigners may sue EC over provision of citizens' personal data to the FBI

A leading civil rights organisation is threatening the European Commission with legal action as Brussels nears an agreement with the US over plans to release details of individuals' credit card histories and internet browsing habits to the FBI

Poynter review: HMRC has radically reduced security risks

PwC chairman Kieran Poynter, the man tasked to investigate what happened in the catastrophic HMRC data breach, has revealed that significant progress has been made since the disastrous information leakage last October

Pacific island knocked off internet by DDoS attack

The Marshall Islands have been subjected to a prolonged bout of unexpected email traffic, preventing citizens receiving emails, but the reason for the attack remains unclear

Scotland loses details of nearly one million 999 calls

Parcel courier TNT has lost a disk containing extensive details of emergency calls made in Scotland over the last two years

Euro 2008's 'Malicious XI' revealed

McAfee has analysed the way professional footballers' names are being cited by unsafe websites, and has produced a list of those players whose names are most likely to give fans a malware headache

Voice biometrics wins cautious early acceptance

Consumers are warming to the idea of using their voice to gain access to their private information, but widespread concerns persist

Facebook faces accusations of 22 privacy violations

The social networking site has been hit by a legal complaint from Canada, which claims it has failed to gain users' permission to distribute their information

Motorola RAZR found vulnerable to JPEG attack

Hackers could run malicious code on the RAZR device by sending a corrupt image by MMS, according to an advisory from TippingPoint

Confirmed: London is an ID fraudster's paradise

A nationwide report based on thousands of cases of identity fraud has confirmed that the Capital has a serious ID problem, while some local governments seem to have given up helping residents

EU Commission says payment fraud moving to the internet

In spite of efforts to halt electronic fraud, the internet has remained a dangerous place to do business, according to a report from the European Commission. It reported ten million fraudulent transactions that cost European Union merchants a cumulative 1.5 billion Euros (£1.1 billion) in losses each year.